Skip to main content

Verifying Implementations of Security Protocols by Refinement

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 7152)

Abstract

We propose a technique for verifying high-level security properties of cryptographic protocol implementations based on stepwise refinement. Our refinement strategy supports reasoning about abstract protocol descriptions in the symbolic model of cryptography and gradually concretizing them towards executable code. We have implemented the technique within a general-purpose program verifier VCC and applied it to an extract from a draft reference implementation of Trusted Platform Module, written in C.

Keywords

  • Security Protocol
  • Trust Platform Module
  • Cryptographic Protocol
  • Security Goal
  • Private Area

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abrial, J.-R., Hallerstede, S.: Refinement, decomposition, and instantiation of discrete models: Application to Event-B. Fundam. Inform. 77(1-2), 1–28 (2007)

    MathSciNet  MATH  Google Scholar 

  2. Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A Modular Reusable Verifier for Object-Oriented Programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  3. Bhargavan, K., Fournet, C., Gordon, A.D.: Modular verification of security protocol code by typing. In: POPL 2010, pp. 445–456. ACM, New York (2010)

    Google Scholar 

  4. Chaki, S., Datta, A.: Aspier: An automated framework for verifying security protocol implementations. In: Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, pp. 172–185. IEEE Computer Society, Washington, DC, USA (2009)

    CrossRef  Google Scholar 

  5. Cohen, E., Dahlweid, M., Hillebrand, M.A., Leinenbach, D., Moskal, M., Santen, T., Schulte, W., Tobies, S.: VCC: A Practical System for Verifying Concurrent C. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 23–42. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  6. de Moura, L., Bjørner, N.S.: Z3: An Efficient SMT Solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  7. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

    CrossRef  MathSciNet  MATH  Google Scholar 

  8. Dupressoir, F., Gordon, A.D., Jürjens, J., Naumann, D.A.: Guiding a general-purpose C verifier to prove cryptographic protocols. In: IEEE Computer Security Foundations Symposium (2011)

    Google Scholar 

  9. Goubault-Larrecq, J., Parrennes, F.: Cryptographic Protocol Analysis on Real C Code. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 363–379. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  10. Jacobs, B., Piessens, F.: The VeriFast program verifier. Technical Report CW-520, Department of Computer Science, Katholieke Universiteit Leuven (2008)

    Google Scholar 

  11. Leino, K.R.M., Yessenov, K.: Automated stepwise refinement of heap-manipulating code (2010)

    Google Scholar 

  12. Moy, Y.: Automatic Modular Static Safety Checking for C Programs. PhD thesis, Université Paris-Sud (January 2009)

    Google Scholar 

  13. Mürk, O., Larsson, D., Hähnle, R.: KeY-C: A Tool for Verification of C Programs. In: Pfenning, F. (ed.) CADE 2007. LNCS (LNAI), vol. 4603, pp. 385–390. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  14. Sprenger, C., Basin, D.A.: Developing security protocols by refinement. In: ACM Conference on Computer and Communications Security, pp. 361–374 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Polikarpova, N., Moskal, M. (2012). Verifying Implementations of Security Protocols by Refinement. In: Joshi, R., Müller, P., Podelski, A. (eds) Verified Software: Theories, Tools, Experiments. VSTTE 2012. Lecture Notes in Computer Science, vol 7152. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27705-4_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27705-4_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27704-7

  • Online ISBN: 978-3-642-27705-4

  • eBook Packages: Computer ScienceComputer Science (R0)